question about bogon prefix
rdrake at direcpath.com
Tue Jun 10 04:57:23 UTC 2014
On 6/9/2014 11:00 PM, Song Li wrote:
> Hi everyone,
> I found many ISP announced bogon prefix, for example:
> OriginAS Announcement Description
> AS7018 188.8.131.52/24 unallocated
> AS209 184.108.40.206/20 unallocated
> my question is why the tier1 and other ISP announce these unallocated
> bogon prefixes, and another interesting question is:
You could also ask why are other providers accepting the route, since I
could announce 220.127.116.11/20 from my router and my upstream would
Of course, those two ASNs have a huge number of routes so they probably
aren't filtered as closely by their peers.
But.. even if you're hyper diligent and blocking bogon routes, you'll
need to ask yourself why it's not in the bogon list:
curl -s http://www.team-cymru.org/Services/Bogons/fullbogons-ipv4.txt |
It's also not on http://www.cymru.com/BGP/bogons.html but 18.104.22.168/24 is.
Now, according to this:
It belongs to the Franciscan Health System. The one IP that is in DNS
seems to back this up (it's called mercyvpn.org)
Whois Record created: 04 Jan 2005
Whois Record updated: 24 Feb 2012
My guess is one of two things. Maybe they renumbered out of the /20 but
left a VPN server up and haven't managed to migrate off it yet, but they
have asked to return the block.. or, they forgot to pay their bill to
ARIN and the block has been removed from whois but Qwest isn't as
diligent because they're still being paid.
I've CC'd the technical contact listed in the old whois information so
maybe he can get things corrected.
> If I am ISP, can I announce the same bogon prefix(22.214.171.124/24) with
> AS7018 announced? Will this result in prefix hijacking?
I can find nothing on google that offers any legitimacy for
126.96.36.199/24, but it is has been announced for 2 years so maybe there
is some squatters rights at least. It doesn't appear to be a spam
source and I don't think any hosts are up on it right now. Maybe it's a
test route that never got removed. It makes me sad that nobody at ATT
reads the CIDR report. They've only got a couple of bogon announcements
so it would be trivial for them to either acknowledge them and claim
legitimacy or clean them up.
More information about the NANOG